Yuanfang HTML PPT

Security checks across malware telemetry and agentic risk

Overview

This skill generates presentation files and may fetch a user-provided URL for branding, but its sensitive actions are disclosed and fit its purpose.

Install this if you want an agent to create and revise local PPTX/HTML deck files. Review output paths before rendering because existing deck.html or deck.pptx files at the same path may be replaced, and only provide URLs whose contents and branding assets you are comfortable having fetched and reused in a presentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 95% confidence
Finding: The trigger list is very broad, including common terms like “PPT”, “报告” (report), and “演示文稿” (presentation), which can cause the skill to activate in many routine contexts where the user did not explicitly request file generation or web extraction. In this skill’s context, overbroad invocation matters because activation can lead to remote fetching, local file writes, and content transformation workflows that the user may not have intended.

Missing User Warnings

Medium, 93% confidence
Finding: The skill describes editing `content.yaml` and regenerating `deck.pptx`/`deck.html`, but it does not clearly warn users that local files will be created and overwritten as part of normal operation. In practice, this can cause unintended modification or loss of existing files, especially if output paths are reused or the user does not realize that re-rendering is destructive.

Missing User Warnings

Medium, 92% confidence
Finding: The URL-based mode instructs the agent to fetch remote pages and extract branding assets such as logos, colors, and fonts, but the description does not clearly warn users that external network access and content retrieval will occur. This matters because users may provide sensitive or internal URLs without understanding that the skill will access them and process the remote content automatically.
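The two warning findings above describe behaviour the skill does not guard against: re-rendering silently replaces deck.html/deck.pptx, and the branding mode fetches whatever URL it is given. The following is an added example, not code from the scanned skill or from SkillSpector, of the pre-flight checks a practitioner would put in front of such a skill: an overwrite guard that refuses to clobber existing deck files unless the caller opts in, and a URL guard that rejects non-http(s) schemes, embedded credentials, and hosts that are (or, via an optional caller-supplied resolver hook, resolve to) loopback, link-local, private or otherwise non-public addresses. The DECK_FILES names, the `resolve` hook and all sample URLs are assumptions constructed for this example.

```python
"""Pre-flight guards for a deck-generating agent skill.

Added example, not part of the scanned skill or of SkillSpector.
DECK_FILES, the `resolve` hook and the sample inputs in demo() are
assumptions constructed for illustration.
"""
from __future__ import annotations

import ipaddress
import tempfile
from pathlib import Path
from typing import Callable, Iterable
from urllib.parse import urlsplit

# Output names that a re-render replaces in place (assumed from the overview).
DECK_FILES = ("deck.html", "deck.pptx")


def check_output_paths(out_dir: str | Path, *, allow_overwrite: bool = False) -> list[str]:
    """Return the deck files that already exist in out_dir and would be replaced.

    Raises FileExistsError unless allow_overwrite is True, so a re-render is
    only destructive when the caller explicitly asked for it.
    """
    out_dir = Path(out_dir)
    clobbered = [name for name in DECK_FILES if (out_dir / name).exists()]
    if clobbered and not allow_overwrite:
        raise FileExistsError(
            f"refusing to overwrite {', '.join(clobbered)} in {out_dir}; "
            "pass allow_overwrite=True to re-render in place"
        )
    return clobbered


def _is_disallowed_ip(ip: ipaddress.IPv4Address | ipaddress.IPv6Address) -> bool:
    """True for loopback, private, link-local, multicast, reserved or unspecified addresses."""
    return (ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_multicast
            or ip.is_reserved or ip.is_unspecified or not ip.is_global)


def check_branding_url(url: str, resolve: Callable[[str], Iterable[str]] | None = None) -> str:
    """Validate a user-supplied branding URL before the agent fetches it.

    Rejects non-http(s) schemes, embedded credentials, obviously internal
    hostnames, literal non-public IPs, and (when `resolve` is given) hostnames
    whose resolved addresses are non-public. `resolve` is an assumed hook that
    maps a hostname to IP strings; this function does no network I/O itself.
    Returns the URL unchanged on success.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"unsupported scheme {parts.scheme!r}; only http(s) is fetched")
    if parts.username or parts.password:
        raise ValueError("URLs with embedded credentials are refused")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    if host == "localhost" or host.endswith((".localhost", ".local", ".internal")):
        raise ValueError(f"internal hostname {host!r} is refused")
    candidates: list[str] = []
    try:
        ipaddress.ip_address(host)  # literal IP (urlsplit strips IPv6 brackets)
        candidates.append(host)
    except ValueError:
        if resolve is not None:
            candidates.extend(resolve(host))
    for addr in candidates:
        if _is_disallowed_ip(ipaddress.ip_address(addr)):
            raise ValueError(f"{url} points at non-public address {addr}")
    return parts.geturl()


def is_refused(url: str, resolve: Callable[[str], Iterable[str]] | None = None) -> bool:
    """Convenience wrapper: True if check_branding_url rejects the URL."""
    try:
        check_branding_url(url, resolve)
    except ValueError:
        return True
    return False


def demo() -> dict[str, object]:
    """Exercise both guards against a constructed output directory and sample URLs."""
    results: dict[str, object] = {}
    with tempfile.TemporaryDirectory() as tmp:
        results["fresh_dir"] = check_output_paths(tmp)              # nothing to clobber yet
        Path(tmp, "deck.html").write_text("<html></html>")           # simulate a prior render
        try:
            check_output_paths(tmp)
            results["overwrite_blocked"] = False
        except FileExistsError:
            results["overwrite_blocked"] = True
        results["overwrite_opt_in"] = check_output_paths(tmp, allow_overwrite=True)
    # Constructed sample URLs; the resolver stands in for DNS.
    results["public_ok"] = not is_refused("https://example.com/brand/")
    results["metadata_refused"] = is_refused("http://169.254.169.254/latest/meta-data/")
    results["intranet_refused"] = is_refused("https://intranet.example/", resolve=lambda h: ["10.0.0.5"])
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The resolver hook matters because a hostname that looks public can still resolve to an internal address; a real deployment would pass a function that performs the DNS lookup and should pin the fetch to the addresses it checked, since a second resolution at fetch time can return something different.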

VirusTotal

All 64 of 64 vendors reported this skill as clean. Note that an antivirus verdict covers malware signatures only; it does not speak to the trigger-scope and disclosure findings above, which are behavioural rather than signature-based.